CVE-2021-42723

HIGH

Adobe Bridge < 11.1.1 - Out-of-bounds Read via Crafted SGI File

Title source: llm
STIX 2.1

Description

Adobe Bridge version 11.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted SGI file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

References (1)

Core 1
Core References
Not Applicable, Vendor Advisory x_refsource_misc
https://helpx.adobe.com/security/products/bridge/apsb21-94.html

Scores

CVSS v3 7.8
EPSS 0.0239
EPSS Percentile 82.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-125
Status published
Products (1)
adobe/premiere_pro < 15.4
Published Nov 16, 2021
Tracked Since Feb 18, 2026